Difference between revisions of "User:Brennan"

From OWASP
Jump to: navigation, search
m
m
(7 intermediate revisions by one user not shown)
Line 2: Line 2:
  
  
Tom Brennan is a volunteer to the OWASP Foundation since 2004 when he founded the [http://www.meetup.com/OWASP-New-Jersey/ New Jersey Chapter]. That chapter later merged with the [http://www.meetup.com/OWASP-NYC New York City Chapter].  He was appointed to the International Board of Directors in 2007 and was [https://www.owasp.org/index.php/Membership/2012_Election#2012_Board_Election_RESULTS re-elected] by the membership in 2012 for another two year term. During his leadership of OWASP Foundation he has led many global and local initiatives for OWASP.
+
Tom Brennan is volunteer to the OWASP Foundation since 2004 when he founded the [http://www.meetup.com/OWASP-New-Jersey/ New Jersey Chapter] after serving on the Board of Directors for the FBI Infragard program in New Jersey. The NJ OWASP Chapter later merged with the [http://www.meetup.com/OWASP-NYC New York City Chapter] in 2006.
  
- BIO and written recommendations from 60+ infosec community members: [http://www.linkedin.com/in/tombrennan ONLINE]
+
Tom was appointed to the Global Board of Directors in 2007 by his peers and was [https://www.owasp.org/index.php/Membership/2012_Election#2012_Board_Election_RESULTS re-elected] by the membership in 2012 for another two year term.
 +
 
 +
During his leadership of OWASP Foundation he has led many global and local initiatives for OWASP
 +
 
 +
- Written recommendations from 60+ industry leaders: [http://www.linkedin.com/in/tombrennan ONLINE]
 +
- OWASP interview at AppSecUSA 2013 - [http://www.youtube.com/watch?v=jU-QEUeh9-U Video]
  
 
- Interview with [https://www.owasp.org/images/9/9f/WEB_APPC_PENTESTING_03_2012.pdf PenTest Magazine] about OWASP Foundation.
 
- Interview with [https://www.owasp.org/images/9/9f/WEB_APPC_PENTESTING_03_2012.pdf PenTest Magazine] about OWASP Foundation.
Line 10: Line 15:
 
- 2012 OWASP Board Candidate Interview: [https://www.owasp.org/download/2012-board-election/OWASP2012BoardInterviews_TomBrennan.mp3 Audio] / [https://www.owasp.org/images/e/e3/OWASP_2012_Board_Interviews_-_Tom_Brennan.pdf Transcript]
 
- 2012 OWASP Board Candidate Interview: [https://www.owasp.org/download/2012-board-election/OWASP2012BoardInterviews_TomBrennan.mp3 Audio] / [https://www.owasp.org/images/e/e3/OWASP_2012_Board_Interviews_-_Tom_Brennan.pdf Transcript]
  
- Video Interview about OWASP with Tom Brennan - [http://vimeo.com/23889097 Video 1], [https://www.owasp.org/index.php/OWASP_NYC_AppSec_2008_Conference Video 2]
+
- Video Interview about OWASP with Tom Brennan, 2008 - [http://vimeo.com/23889097 Video 1], [https://www.owasp.org/index.php/OWASP_NYC_AppSec_2008_Conference Video 2]
  
 
- Thousands of wiki commits to OWASP.ORG since 2004 see:  [https://www.owasp.org/index.php/Special:Contributions/Brennan Wiki Edits]
 
- Thousands of wiki commits to OWASP.ORG since 2004 see:  [https://www.owasp.org/index.php/Special:Contributions/Brennan Wiki Edits]
  
Tom holds many industry certifications since he began his technical journey in 1983 including the (ISC)²® CBK / CISSP  
+
Tom holds many industry certifications since he began his technical journey in 1983 including the (ISC)²® CBK / CISSP and many others
  
 
Contributor to many OWASP projects including:
 
Contributor to many OWASP projects including:
Line 26: Line 31:
 
-- [https://www.owasp.org/index.php/Category:OWASP_ModSecurity_Core_Rule_Set_Project OWASP Mod_Security Core Rule Set]
 
-- [https://www.owasp.org/index.php/Category:OWASP_ModSecurity_Core_Rule_Set_Project OWASP Mod_Security Core Rule Set]
  
In addition to investing thousands of hours sharing technical and non-technical advice at OWASP, since 2010 Tom is the Director Product/Service Marketing at <b>[https://www.trustwave.com/spiderLabs-services.php Trustwave SpiderLabs]</b> focused on [https://www.trustwave.com/compromised.php response and investigation], [https://www.trustwave.com/application-security/ analysis and testing], [http://blog.spiderlabs.com/ research and development].    Trustwave with over 1000 employees is headquartered in the United States in Chicago, Ill. with offices throughout Africa, Asia, Australia, Europe, North America and South America.  Recently has pushed the [https://www.trustwave.com/sae_sample/owasp-top-10/Start.htmOWASP Top 10 CBT] to the community
+
In addition to investing thousands of hours sharing technical and non-technical advice at OWASP, since 2010 Tom is a Director at <b>[https://www.trustwave.com/spiderLabs-services.php Trustwave SpiderLabs]</b> focused on [https://www.trustwave.com/compromised.php response and investigation], [https://www.trustwave.com/application-security/ analysis and testing], [http://blog.spiderlabs.com/ research and development].    Trustwave with over 1000 employees is headquartered in the United States in Chicago, Ill. with offices throughout Africa, Asia, Australia, Europe, North America and South America.  Recently has pushed the [https://www.trustwave.com/sae_sample/owasp-top-10/Start.htm OWASP Top 10 CBT] to the community
  
 
Tom is frequent and entertaining speaker at information security conferences and technical briefings worldwide including Blackhat, GFIRST,HOPE, FBI/DHS/USSS, ISSA, ISACA, Global and Local OWASP events on the convergence of physical and software security risks, threats and suggestions on a better approach to filter the noise with actionable intelligence.  
 
Tom is frequent and entertaining speaker at information security conferences and technical briefings worldwide including Blackhat, GFIRST,HOPE, FBI/DHS/USSS, ISSA, ISACA, Global and Local OWASP events on the convergence of physical and software security risks, threats and suggestions on a better approach to filter the noise with actionable intelligence.  
 +
 +
 +
<b>Looking for a Speaker for your next event?</b>
 +
 +
 +
ABSTRACT #1
 +
 +
<b>What Does the Breach Say?</b>
 +
 +
This lively presentation updated monthly will focus on the results of exploits and attacks YTD 2014. It will provide insight into what can be learned from the the who, what and how and connect the dots to defenses for your organization NOT to be the next victim on the list — and what to do if you meet a friendly horse.
 +
 +
o()xxxx[{:::::::::::::::::::::>
 +
 +
ABSTRACT #2
 +
 +
<b>Tired of Powerpoint?  Shall we Play a Game?</b>
 +
 +
Have you ever wondered how a advesary team would target your organization?  Ranging from Web Applications to Physical Security this RED/BLUE team exercise will take members of the audience and walk them through a interactive learning exercise.  Attendees and participants will each play a role and the outcome will be unique to the threats presented and the participants experiences.  A take away from the session will be a reference framework that can be leveraged
 +
 +
o()xxxx[{:::::::::::::::::::::>
 +
 +
ABSTRACT #3
 +
 +
<b> All Aboard The OWASP Choo Choo </b>
 +
 +
This talk is a introduction to the history and ongoing mission of OWASP Foundation. It provides a education of  strategic initiatives underway, projects, chapters and is perfect for attendees that have heard about OWASP but don't really understand what or how to leverage OWASP wealth of information.
 +
 +
o()xxxx[{:::::::::::::::::::::>
 +
 +
ABSTRACT #4
 +
 +
<b> Security Hacking 101 </b>
 +
 +
Need a interactive presentation that will demonstrate the current state of Application Security?  This presentation will leverage OWASP projects to demonstrate how-to-hack a web application for fun and profit.  There are (49) Classes of Attack on a application and this talk will describe them and DEEP DIVE on several to illustrate the point of the selected attack vectors.
  
 
<hr>
 
<hr>
 +
 +
Additional topics are available contact tomb(AT)owasp.org for more information or simply call 973-202-0122.  Round-trip travel and lodging by the event/conference is requested in trade for the time and sharing of the knowledge with the attendees.

Revision as of 12:08, 12 December 2013

2013-Brennan-Press-Photo.JPG


Tom Brennan is volunteer to the OWASP Foundation since 2004 when he founded the New Jersey Chapter after serving on the Board of Directors for the FBI Infragard program in New Jersey. The NJ OWASP Chapter later merged with the New York City Chapter in 2006.

Tom was appointed to the Global Board of Directors in 2007 by his peers and was re-elected by the membership in 2012 for another two year term.

During his leadership of OWASP Foundation he has led many global and local initiatives for OWASP

- Written recommendations from 60+ industry leaders: ONLINE - OWASP interview at AppSecUSA 2013 - Video

- Interview with PenTest Magazine about OWASP Foundation.

- 2012 OWASP Board Candidate Interview: Audio / Transcript

- Video Interview about OWASP with Tom Brennan, 2008 - Video 1, Video 2

- Thousands of wiki commits to OWASP.ORG since 2004 see: Wiki Edits

Tom holds many industry certifications since he began his technical journey in 1983 including the (ISC)²® CBK / CISSP and many others

Contributor to many OWASP projects including:

-- OWASP RFQ Criteria, Software Security

-- OWASP HTTP Post DoS Tool

-- OWASP Testing Guide

-- OWASP Mod_Security Core Rule Set

In addition to investing thousands of hours sharing technical and non-technical advice at OWASP, since 2010 Tom is a Director at Trustwave SpiderLabs focused on response and investigation, analysis and testing, research and development. Trustwave with over 1000 employees is headquartered in the United States in Chicago, Ill. with offices throughout Africa, Asia, Australia, Europe, North America and South America. Recently has pushed the OWASP Top 10 CBT to the community

Tom is frequent and entertaining speaker at information security conferences and technical briefings worldwide including Blackhat, GFIRST,HOPE, FBI/DHS/USSS, ISSA, ISACA, Global and Local OWASP events on the convergence of physical and software security risks, threats and suggestions on a better approach to filter the noise with actionable intelligence.


Looking for a Speaker for your next event?


ABSTRACT #1

What Does the Breach Say?

This lively presentation updated monthly will focus on the results of exploits and attacks YTD 2014. It will provide insight into what can be learned from the the who, what and how and connect the dots to defenses for your organization NOT to be the next victim on the list — and what to do if you meet a friendly horse.

o()xxxx[{:::::::::::::::::::::>

ABSTRACT #2

Tired of Powerpoint? Shall we Play a Game?

Have you ever wondered how a advesary team would target your organization? Ranging from Web Applications to Physical Security this RED/BLUE team exercise will take members of the audience and walk them through a interactive learning exercise. Attendees and participants will each play a role and the outcome will be unique to the threats presented and the participants experiences. A take away from the session will be a reference framework that can be leveraged

o()xxxx[{:::::::::::::::::::::>

ABSTRACT #3

All Aboard The OWASP Choo Choo

This talk is a introduction to the history and ongoing mission of OWASP Foundation. It provides a education of strategic initiatives underway, projects, chapters and is perfect for attendees that have heard about OWASP but don't really understand what or how to leverage OWASP wealth of information.

o()xxxx[{:::::::::::::::::::::>

ABSTRACT #4

Security Hacking 101

Need a interactive presentation that will demonstrate the current state of Application Security? This presentation will leverage OWASP projects to demonstrate how-to-hack a web application for fun and profit. There are (49) Classes of Attack on a application and this talk will describe them and DEEP DIVE on several to illustrate the point of the selected attack vectors.


Additional topics are available contact tomb(AT)owasp.org for more information or simply call 973-202-0122. Round-trip travel and lodging by the event/conference is requested in trade for the time and sharing of the knowledge with the attendees.